**The biggest ‘module’ being updated was the Drupal core of course: Drupal 8.5.0 was released about a month ago, [read more](https://www.drupal.org/blog/drupal-8-5-0). Also, everything else what stood out to the module updates of last month, enjoy:**
## 1. Password Policy
Drupal accepts all passwords made by users for their user account, even if it only consists of one letter. This modules refines that, you can determine the password policy of your Drupal system, for example:
- at least 8 characters;
- at least 1 special character;
- can’t be the same as your username or email address;
- can’t be a password which has been used previously.
## 2. Content- Security- Policy
[Content Security Policy](https://developer.mozilla.org/en-S/docs/Web/HTTP/CSP) (CSP) is an extra security layer, with Cross Site Scripting (XSS) and injection attacks, for example [SQL injection](https://en.wikipedia.org/wiki/SQL_injection). These attacks are used for all kinds of purposes, from identity theft to [defacing](https://nl.wikipedia.org/wiki/Defacen) websites or the spread of malware.
This module can automatically generate *Content- Security- Policy* headers for you, after you made the right settings in the Drupal backend.
## 3. Comment Notify
Send a notification to a Drupal content manager or administrator as soon as a comment is posted by a website visitor. This can be set up for both anonymous as logged in visitors.
## 4. Rest menu items
[Headless Drupal](/blog/headless-drupal-nodejs-part-13-drupal-8-restful-api) remains fresh, and rightfully so. We also use some installations enthusiastically, like this website for example.
This modules helps with setting up an [endpoint](https://stackoverflow.com/questions/2122604/what-is-an-endpoint) to serve out the menu items. You can give them *query parameters* to determine how much *menu level* you get back in this web service.
## 5. Breakpoints
A website which isn’t [responsive](https://en.wikipedia.org/wiki/Responsive_web_design), isn’t worth much nowadays. This Drupal module facilitates breakpoint management for your responsive web design, allowing the right [media queries](https://www.w3schools.com/css/css_rwd_mediaqueries.asp) to be set up.
## 6. Simple hierarchical select
When a content manager has to make a selection which involves categories and subcategories, this way of selecting might be useful to him.
## 7. Block Visibility Groups
Within the [block system](https://www.drupal.org/docs/8/core/modules/block/overview) in the Drupal core, you can determine per block where to block needs to go and who is allowed to see that block. But you can’t do it *in bulk* for a group of blocks.
With this Drupal module you can group blocks and configure per *block group* who is allowed to see what.
## 8. Empty Page
Whenever we develop a system within Drupal, we always add a *route* and facilitate the html dynamically to the screen of the visitor of said page in Drupal via [controllers](https://www.drupal.org/docs/8/api/routing-system/introductory-drupal-8-r...), [services](https://www.drupal.org/docs/8/api/services-and-dependency-injection/serv...) and [Twig](https://www.drupal.org/docs/8/theming/twig) files. It’s possible to work with blocks, ensuring that data keeps being positioned well via blocks.
If you are not a developer, in some use cases you’d want to make a page with the help of blocks alone. Like a landing page, which doesn’t need a [node](https://www.drupal.org/docs/7/nodes-content-types-and-fields/about-nodes).
Within the Drupal core you can never put your block anywhere in such a scenario, as you don’t have a page to put the block.
This module solves this because you can make an *empty* page and you can leave your blocks on that empty page. This prevents you from tediously making an empty node, generating unnecessary overhead. Exactly the problem the developer of this module intends to solve.
## 9. EU Cookie Compliance
## 10. Shield
We use this module in almost every Drupal installation when it comes to test- and acceptation environments. It completely shields your website from the outside world, unless you log in of course. Anonymous visitors and search engines won’t be able to reach our test environment, but we and our customers can.
Previously we used to do this by manually making a [.htpasswd](http://www.htaccesstools.com/articles/password-protection/), which is kind of cumbersome and is getting in the way locally as well, as you also need to incorporate it in .htaccess.
## 11. Access unpublished
Within the Drupal core it isn’t possible to have *unpublished content* being looked at by anonymous website visitors. Not even when they have a direct link of said item.
It is now possible with this module, useful for *content checkers* and *proofreaders* for example: they won’t need a log in for the website, making it easy to work with and secure.
(!) please note that the page can be indexed by Google, thereby making it findable for everybody. Don’t keep a *draft* open like this for too long and definitely don’t share sensitive information via this route.
## 12. Anonymous login
Previously, we developed a similar custom code in [Lus](/project/lus) to use this feature: redirect all non- logged in users to the login page.
This Drupal module offers a similar feature: it also redirects anonymous visitors, but only when they request an *admin path*. When someone successfully logs in, that someone will be redirected to the original *admin path* from where he entered.
## 13. Simplelogin
Generates a different login page, which is more simple, more compact and potentially more beautiful. You can also add a nice background image fit it in your own house- style.
## 14. BeautyTips
Shows tips when someone hovers over a certain text with his mouse, similar to the [Bootstrap tooltip](https://www.w3schools.com/bootstrap/bootstrap_tooltip.asp).
## 15. Schema.org Metatag
A great addition to your website for search engine optimization (SEO). It enriches your html, allowing search engines to better ‘read’ your Drupal system.
## 16. Login History
Drupal core doesn’t keep a history of logins, but there are scenarios where this is necessary. Among other things, this module generates:
- rough overview of all logins;
- logins from individual users;
- a block with login data for the visitors themselves: when was his last login and a link to his login history.
## 17. Minify JS
## 18. Minify Source HTML
Similar to ‘Minify JS’, but for the generated html.
## 19. IMCE Rename (D8)
IMCE is a popular tool for Drupal content managers to manage social media. This plugin allows names of files to be changed, ensuring better structuring and management.
## 20. Create and continue
A useful tool for when you need to add a lot of content, this module generates an extra button under your content item: ‘Save and add another’. You can continue with adding the next item immediately.
## 21. Block Refresh
Want to keep information in a Drupal block up to date, even when the page isn’t refreshed by the visitor? No problem, this module will take care of it for you:
- automatically refresh the content in a block after xx seconds;
- visitors can refresh manually;
- refresh after page refresh;
- can optionally be excluded in Drupal’s page cache or every external cache (like Varnish).
## 22. Single Date Time Picker
Easy adding of a required date and time.
## 23. Secure Login
Forces logging in via a secure line, in order to optimally protect your visitors’ privacy.
## 24. Menu target
Not available in Drupal core: specify per menu item if clicked link for visitors should be opened in current or in a new screen. Install this module et voilá: now you can specify if you want to have it opened in current or in a new screen.
## 25. Persistent Login
Drupal doesn’t have a standard ‘remember me’ feature in the login screen. This module does offer that feature and some extra security measures have been taken: it doesn’t implement a standard longer ‘PHP session time”.
You can set up the following:
- how long the users remain logged in, before they need to enter their information again;
- how many persistent sessions one Drupal user is allowed to have at the same time;
- determine for which pages the user does have to log in again, for example: when you want to change your user information.
## 26. CacheExclude
Without active [page caching](https://www.drupal.org/docs/8/administering-drupal-8-site/internal-page-...) a Drupal website won’t be able to handle a lot of visitors, that’s why it standardly active. But it can happen that you want to exclude certain pages from that cache, because realtime/ dynamic data is shown. When you need a random image or changing content, you might want to check this Drupal module out.
## Wrap up
Alright, that's it for now. I hope that this information allows you to further enrich, optimize your Drupal site and make it more user friendly.
Questions? Let me know!